Hard disk data security
Page 1 of 2 12 LastLast
Results 1 to 10 of 13

Thread: Hard disk data security

  1. #1
    Senior Member
    Join Date
    May 2003
    Posts
    226

    Hard disk data security

    Should users use encryption software on the hard disk before storing data on it? Rather than using secure-wipe to remove the data if you want to sell the hard disk.

    Other than TrueCrypt is there any other disk encryption software?

    TrueCrypt: http://www.truecrypt.org/

  2. #2
    Master-Jedi-Pimps0r & Moderator thehorse13's Avatar
    Join Date
    Dec 2002
    Location
    Washington D.C. area
    Posts
    2,883
    First question to ask:

    What are the requirements?

    Second question to ask:

    Is the data classified as sensitive enough for encryption?

    You get the idea. Don't add technology unless you're solving a problem.

    Guardian makes disk encryption software for the enterprise.

    --TH13
    Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
    Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden

  3. #3
    Quote Originally Posted by Death_Knight
    Should users use encryption software on the hard disk before storing data on it? Rather than using secure-wipe to remove the data if you want to sell the hard disk.
    A lot also depends upon what you are attempting to achieve with encryption. If, as you post suggests, you are looking at encryption to prevent data retrieval after the hard drive has left your possession, that is something I wouldn't suggest. Physical access to the disk, especially if the attacker is the new owner of the disk, will ultimately defeat most encryption - it is really just a matter of how determined the attacker is. If this is the case you are asking, then no. I wouldn't use encryption rather than secure-wipe to protect data.

  4. #4
    Senior Member
    Join Date
    May 2003
    Posts
    226
    Quote Originally Posted by thehorse13
    First question to ask:

    What are the requirements?

    Second question to ask:

    Is the data classified as sensitive enough for encryption?

    You get the idea. Don't add technology unless you're solving a problem.

    Guardian makes disk encryption software for the enterprise.

    --TH13
    I have read articles over the net, people buy used hard disk and they could manage to recover internet banking files and other personal information. This shows that they probably did not do a "wipe" before selling their hard disk.

    Once again, all these problems might not exist in the first place if they use disk encryption software. What I am thinking right now, is there a need for home users to encrypt their disk?

  5. #5
    Super Moderator: GMT Zone nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,190
    No,

    Most people keep their drive until dead, or physically destroy it in a "secure" environment.

    Hey, just how much is a second hand drive worth?

    The problem is with a complete system.....you just wipe the drive
    If you cannot do someone any good: don't do them any harm....
    As long as you did this to one of these, the least of my little ones............you did it unto Me.
    What profiteth a man if he gains the entire World at the expense of his immortal soul?

  6. #6
    Senior Member IKnowNot's Avatar
    Join Date
    Jan 2003
    Posts
    792
    Once again, all these problems might not exist in the first place if they use disk encryption software.
    Most of these problems would not exist if people just used their heads!

    What I am thinking right now, is there a need for home users to encrypt their disk?
    The average home user, probably not. If they do work at home and handle “sensitive” information, maybe, but they should already have a routine of properly wiping the data from the computer after each use, and storing any backups securely.
    ( This should be spelled out by whomever they received the information from in AUPs, etc. )

    I just get the feeling that:

    1) the average home user would eventually set the system up so that every time they turned on the computer the disk would be decrypted automatically, defeating the purpose of encryption in the first place ( people are generally lazy, and want to make things as simple as possible. )

    2) the average home user would never properly wipe a drive because they would rely on the encryption, which they effectively defeated ( see #1 )

    IMHO.
    " And maddest of all, to see life as it is and not as it should be" --Miguel Cervantes

  7. #7
    I found something interesting that some of data recovery software can recover data after formatting hard disk 6 times. So I have decided to try on my hard disk but it works only 2 times on my hard disk, after formatting 3 times I am not able to get my data back. By the way I was using easy recovery. Is there any more powerful software than this?

    Is it secure to just wipe the data using some tools? I mean what is more secure (physically destroy or wipe data using some tools) normal home users can not afford to physically destroy hard drive every time. There are some forensic tools like Encase which can recover everything and can find out personal information on hard disk. Most of times my clients ask me for best way to distort their account database from hard drive, I suggested them some tools for permanent data removing. I am not sure but some of data Recovery Company says that they can recover data even if we have deleted using some removal tools.
    one of the great day in my life when i found antionline.com

  8. #8
    Member
    Join Date
    Apr 2005
    Posts
    97
    Maybe this is irrelevant...

    As I understand it, the purpose of encrypting data on the HDD is to protect them from others' access. If you alone access the data, and you are quite sure that your firewall and realtime virus and spy/malware are sufficiently robust, the data can stay there unencrypted and only you alone has access to it.

    For my part, I see no use of data encryption except when I need to send classified information and communication through email (which is something I never did as I'd rather entrust such matters to a warm body courier).

    Should the HDD crash, I'll make sure it stays that way... no one else will be able to access the data thereat as all parts will literally go through the sledgehammer then sent to rust... they'd never reach any dumping area.

    -Goitz
    Si vis pacem, para bellum!

  9. #9
    Agony Aunty-Online Moira's Avatar
    Join Date
    Jun 2003
    Posts
    1,063
    Quote Originally Posted by TechGrunt
    Physical access to the disk, especially if the attacker is the new owner of the disk, will ultimately defeat most encryption - it is really just a matter of how determined the attacker is. If this is the case you are asking, then no. I wouldn't use encryption rather than secure-wipe to protect data.
    Well .... show me the person who can decrypt pgp encrypted files without the password (I know the free version 8 had a security issue, but I'm talking about pgp 9). Secure wipe probably is the most practical way to render your data irretrievable if you're actually disposing of a hard drive, but strong encryption would work.

    I have certain files encrypted on my hard drive because you just never know what might happen, and if there's data you really can't allow people to read then it's a sensible precaution.
    77 111 105 114 97

    My PGP signature

  10. #10
    Senior Member OverdueSpy's Avatar
    Join Date
    Nov 2002
    Posts
    556
    If you are really serious about protecting/encrypting data then you need to pony up and move to a biometric solution. Privaris and Cryptometrics teamed up a few years ago to facilitate biometric authentication and encryption into one device. The nice thing about this combination is that they have the ability to separate the key pairs, where one part is on the FIPS certified fob and the other is on the HDD. Thus you avoid the problem with your standard encryption of having both key pairs on the HDD or Chip within the CPU. Give me access to both key pairs and the encryption can be brute forced.

    Granted it is pricey, but you won't have to worry about your Sales Representatives or Account Managers taping their login information onto thier laptop because they can't remember the username and password associated with the encryption product. AAAARRRRGGGHHHH!!!!
    The mentally handicaped are persecuted in this great country, and I say rightfully so! These people are NUTS!!!!

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides